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PURPOSE: To prevent the leakage of data and the 
generation of forgery without exposing a cipher key on a 
card by using a key code generated by an arithmetic 
circuit to encipher and output data to be sent through 
an enciphering circuit. 

CONSTITUTION: The card 11 consists of a storage 
medium 12 stored with the number peculiar to the card, 
arithmetic circuit 13 which calculates the key code,' 
enciphering circuit 14 which enciphers data, and signal 
transmission lines 15, 16@19. A random number R is 
inputted externally through the transmission line 16 
firstly, and the key code K for enciphering is generated 
by a circuit 13 from this random number R and the 
number I peculiar to the card on the medium 12 and sent 
to the enciphering circuit 14. This circuit 14 inputs 
the original data to be sent through the transmission 
line 18 from the outside, and the key code is enciphered 
and outputted through the transmission line 19. This 
device is united in the card 11 and its internal state 
can not be checked externally at all. 
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Scope of Claim for a Patent 

1. A card with cryptographic circuit built therein and a 
service center thereof, comprising: 

a controller for outputting a random number in 
accordance with an ID code input thereto; 

a card with a cryptographic circuit built therein, 
including a storage medium for storing a preregistered unique 
card number and the data to be transmitted, an arithmetic 
circuit for generating a key code using the unique card 
number output from the storage medium and the random number 
output from said controller, and an encryption circuit for 
encrypting and outputting said data to be transmitted using 
the key code output from said arithmetic circuit; 

a master card corresponding to each ID code, including a 
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storage medium for storing a preregistered unique card number 
and an arithmetic circuit for generating a key code using the 
unique card number output from the storage medium and the 
random number output from said controller; and 

a decryption circuit for decrypting the cryptographic 
data output from the encryption circuit of the card having 
the cryptographic circuit built therein, using the key code 
output from the arithmetic circuit of the master card 
selected by said controller in accordance with the ID code 
input thereto; 

characterized in that said controller, said master card 
and said decryption circuit are built in said service center. 
Detailed Description of the Invention 
[Technical Field of the Invention] 

The present invention relates to a card with a 
cryptographic circuit built therein and a service center 
thereof for preventing the leakage and forgery of the 
contents transmitted by communication. 

[Technical Background of the Invention and Problem Points 
thereof ] 

In recent years, in transmitting information (original 
data) to another party using an IC card having both the 
arithmetic function and the storage function, there has often 
occurred a case requiring the prevention of eavesdropping or 
malicious alteration of the transmitted contents. 
Conventionally, to cope with this problem, an external 
encryption device encrypts and transmits the original data 
using a key code (encryption key) generated by the IC card in 
accordance with the random number supplied from an external 
source . 

In this method, however, the encryption key is 
provisionally exposed and therefore can be maliciously 
tampered with during the transmission of the encryption key 
to the encryption device. For example, it may happen that 
the encryption key transmitted from the IC card to the 
encryption circuit or the encrypted data transmitted from the 
encryption circuit is retrieved and the original data is 
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stolen by a third party using a decryption circuit 
commercially available. Also, the owner of an IC card having 
the original data stored in a storage medium can cut the 
connecting line for transmission of his original data to the 
encryption circuit and transmit other forged data. In this 
way, the contents of the conventional IC card are transmitted 
at the risk of leakage and forgery. 
[Object of the Invention] 

The object of the present invention is to provide a card 
and a service center thereof in which the leakage and forgery 
are prevented by preventing an encryption key from being 
exposed to the outside of the card. 
[Summary of the Invention] 

In this invention, a key code for encryption is 
generated by an arithmetic circuit based on the unique card 
number stored in a storage medium in the card and the random 
number input from a controller in the service center, and the 
data to be transmitted is output by being encrypted in an 
encryption circuit using the key code generated in the 
arithmetic circuit. 
[Effects of the Invention] 

According to this invention, the key code for encryption 
never leaks out but only the encrypted signal is exposed. 
Thus, the encrypted signal cannot 'be decrypted nor forged, 
thereby improving the practical advantage of preventing the 
information leakage . 
[Embodiments of the Invention] 

An embodiment of the present invention will be explained 
below with reference to the drawings. 

Fig. 1 is a diagram showing an outline of this 
embodiment. A terminal 1 (hereinafter referred to as a 
service terminal) for receiving a service is connected by a 
signal transmission path 2 to a center (hereinafter referred 
to as a service center) 3 for managing the service. 
Individual information on the scope of available services is 
contained in the service terminal 1, This information is 
encrypted and sent by the card according to this invention to 
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the service center 3 without being directly exposed. The 
service center 3 decrypts the cryptograph by a method 
described later, and in response to a service request sent 
from the service terminal 1, determines whether the 
particular service request is included in the service scope 
and whether the service is to be provided or not. 

Fig, 2 is a diagram showing a card according to an 
embodiment of the present invention, A card 11 is configured 
of a storage medium 12 for storing the number unique to the 
card, an arithmetic circuit 13 for calculating the key code, 
an encryption circuit 14 for performing encryption and signal 
transmission paths 15, 16, 17, 18, 19, First, a random 
number R is input from an external source through the 
transmission path 16, Based on the random number R and the 
unique card number I stored in the storage medium 12, an 
encryption key code K is generated in the arithmetic circuit 
13 and sent to the encryption circuit 14. The encryption 
circuit 14 is supplied from an external source, through the 
transmission path 18, with the original data to be 
transmitted, and based on the key code, encrypts and outputs 
it through the transmission path 19. This device is 
integrated in the card 11, and the internal operation thereof 
is entirely invisible from outside. According to the 
embodiment shown in Fig. 2, the encryption circuit 14 is 
built in the card 11, and therefore the key code is not 
exposed. Thus, the leakage of the original data can be 
prevented. 

Fig. 3 shows another embodiment of the invention, and is 
a diagram showing a general configuration of a service card 
20 built in the service terminal. In the service card 20, 
the data input through the signal transmission path 18 of the 
card shown in Fig. 2 is built in the storage medium 21 as the 
contents stored in the card, and this storage medium 21 has 
stored therein the information S on the scope of the service. 
The service scope information S corresponds to, for example, 
the amount of deposit, credit line, etc. in a bank system 
application. Based on the number I unique to the card stored 
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in the storage medium 2 2 and the random number R sent from 
the signal transmission path 23, the arithmetic circuit 24 
calculates the encryption key code K from the calculation 
rule K = P(I, R) preventing leakage. Based on the encryption 
key code K, the service scope information S is encrypted by 
the encryption circuit 25 and transmitted outside through the 
signal transmission path 26 (the storage medium 24 and the 
storage medium 22 may be integrated with each other). 

Fig. 4 is a detailed version of Fig. 1, and incorporates 
the embodiment of Fig. 3 as a part thereof. First, the card 
owner sets the service card 20 in the service terminal 1, and 
sends the ID code of the service card 20 (for example, the 
password for the CD card) to the service center 3 through the 
signal transmission path 27. Then, a controller 28 selects a 
master card 29 of the service card 20. (The service center • 
holds the master cards of all the card owners.) The master 
card 29 is the service card 20, less the encryption circuit 
25 and the storage medium 21. The same unique card number I 
is stored in the storage medium 22 and the storage medium 30. 
The arithmetic circuit 24 is also identical to the arithmetic 
circuit 31. In the process, the random number R is sent from 
the controller 28 through the signal transmission paths 23, 
32 to the service card 20 and the master card 2 9 at the same 
time. Then, the arithmetic circuit 24 and the arithmetic 
circuit 31 generates the same encryption key code K according 
to the calculation rule K = P(I, R) . In the service card 20, 
the service scope information S providing the contents of the 
storage medium 21 is encrypted by the encryption circuit 25 
based on the encryption key code K, and sent to the service 
center 3 through the signal transmission path 26. In the 
service center 3, the encrypted data is decrypted by the 
decryption circuit 33 based on the encryption key code K 
obtained from the master card 29 and thus the service scope 
information S can be restored. The service scope information 
S is stored in the storage medium 34. After that, in the 
case where a service request (for withdrawal of cash, for 
example) is' received from the service terminal 1, the 



- 5 - 



controller 28 collates it with the service scope information 
S (outstanding amount of deposit) in the storage medium 34, 
and determines whether the related service is to be executed 
or not. According to this embodiment, the storage medium 21 
as well as the encryption circuit 25 is built in the service 
card 20, and therefore the card owner cannot transmit other 
data to the encryption circuit. Thus forgery can be 
prevented. Also, the service scope information 
conventionally stored in the data base of the service center 
can be stored distributively in the service cards, and 
therefore the data storage space of the service center can be 
remarkably reduced . 
Brief Description of the Drawings 

Fig. 1 is a diagram showing an outline of an embodiment 
of the present invention. Fig. 2 a diagram showing a card 
according to an embodiment of the invention. Fig. 3 a diagram 
showing a card according to another embodiment of the 
invention, and Fig. 4 a detailed version of Fig. 1 
incorporating the embodiment shown in Fig. 3. 

1... Service terminal; 2... Signal transmission path; 
3... Service center; 11... Card; 12, 21, 22, 30, 34... Storage 
medium; 13, 24, 3 1 .. .Arithmetic circuit; 14, 25 ... Encryption 
circuit; 15, 16, 17, 18, 19, 23, 26, 27, 32.. .Signal 
transmission paths; 20... Service card; 28 ... Controller ; 
29... Master card; 33 .. .Decryption circuit 
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